Is WebGL dangerous?

Discussion in 'other software & services' started by vasa1, May 11, 2011.

Thread Status:
Not open for further replies.
  1. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    I'm against having to update hardware video drivers for browser activity. In my corporate environment, I want stability. I do not want to update working and stable hardware drivers every month so that I can securely run my web browser. It just doesn't make sense. If they make it modular, where I can deploy a separate installer to update security mechanisms for WebGL, then fine. Otherwise, I'm turning this off.

    I use Google Chrome policy templates to disable it...
     
  2. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Funny how you change your mind in less than a day, just earlier you said patching was useless. :D

    hpmnick, couldn't have put it better myself. Keeping updated video drivers just to run a browser is nuts, sacrificing gaming performance just to make them more secure is even worse.
     
  3. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    The worst thing that can happen by direct access to the GPU metal is a BSOD (in terms of what may happen to a single computer). At best, any malicious code can attempt to exploit the driver and cause the system to crash by doing something with the graphics pipeline.

    It cannot cause damage to hardware. It cannot launch some hidden process on the GPU because that needs to be on the memory anyway.

    I agree that crashes may be a problem, but GPU drivers already have measures in place to "recover" the GPU in dangerous situations. There's no reason why they cannot modify it further to cover something like this.

    I really do not see anything more harmful than what I've already seen, except for a new way to do the same old thing.

    Note that Flash itself can be hardware accelerated - what does this use? DXVA - another set of instructions incidentally using DirectX......this just uses OpenGL.

    Like I said, same dangers, new methods.

    Anyway, I'm not going to support or alienate WebGL in any way.....the fact is that it's just as problematic as, say, Microsoft Silverlight. Therefore, I really don't see Microsoft's reasoning here as everything else is just as vulnerable. And I think it's best to let the developers decide what to use for their sites/products. We, as end-users, will just use what is given (um, and hope for the best). :)

    A good read here: http://games.greggman.com/game/webgl-security-and-microsoft-********/

    (Interesting that Silverlight has all the same issues including direct GPU access......and yet MS calls it secure?)

    NOTE: in the above link, a word has been censored, please enter it in your browser - it's the word that starts with 'bulls'.
     
    Last edited: Jun 21, 2011
  4. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    BSODs happen because the system realizes that it's reached an unstable state. It's very possible for small bits of code to be executed when this occurs. There have been quite a few vulnerabilities that have taken advantage of this.

    While I'm not certain what protections there are against this happening, it definitely appears that this could turn into a bigger security flaw..
     
  5. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    It could, and it could not......But I think it deserves a chance. :)
     
  6. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Why ask is it dangerous when you could ask is it even needed? I've said it half a million times, but I still believe it's just another case of browsers being ahead of the web. Browser vendors are all about HTML5 now, and how many places actually use it? They're all about hardware acceleration, but where is it being put to use? So now we have two browsers that are shown to be vulnerable (but likely three, come on, Microsoft's implementation can be exploited too and we all know it) now because of a technology that's barely being used and probably won't be widespread for some time to come. (still waiting on a "Flash-killer" as well).
     
  7. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    WebGL Security – Kill It Before It Grows?
    -http://www.conceivablytech.com/8329/business/webgl-security-kill-it-before-it-grows-
     
  8. cm1971

    cm1971 Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    727
    I disabled it just to be on the safe side. In time we will see if there is a danger or not but for now it is better to be safe than sorry imo.
     
  9. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
  10. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Just tried Bing maps and it has the same smoothness and speed of the WebGL version of Google maps, switched over.

    On a side note, Chrome 16 now has an option in about:flags to disable WebGL. :thumb:
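A way to confirm that a policy or about:flags setting like the ones mentioned in this thread actually took effect, as an added example that is not part of any post: it reports whether a page can still obtain a WebGL context. `probeWebGL` and `summarize` are names chosen here; the context and extension names are the standard WebGL ones.

```javascript
// Added example: check from inside the browser whether WebGL is really off.
// Paste into the developer console of a managed machine, or load in a test page.
const CONTEXT_NAMES = ["webgl2", "webgl", "experimental-webgl"];

function probeWebGL(doc) {
  const result = { enabled: false, contexts: [], renderer: null, errors: [] };
  for (const name of CONTEXT_NAMES) {
    let gl = null;
    try {
      // Fresh canvas per attempt: a canvas stays bound to the first
      // context type it hands out, so reusing one would hide the others.
      gl = doc.createElement("canvas").getContext(name);
    } catch (e) {
      // Normally a disabled context is just null; record any exception.
      result.errors.push(name + ": " + e.message);
    }
    if (!gl) continue;
    result.contexts.push(name);
    if (result.renderer === null) {
      // Optional extension that names the GPU/driver behind the context.
      // Browsers may withhold it, in which case renderer stays null.
      const ext = gl.getExtension("WEBGL_debug_renderer_info");
      if (ext) result.renderer = gl.getParameter(ext.UNMASKED_RENDERER_WEBGL);
    }
  }
  result.enabled = result.contexts.length > 0;
  return result;
}

function summarize(r) {
  if (!r.enabled) return "WebGL unavailable: no context could be created";
  return "WebGL AVAILABLE via " + r.contexts.join(", ") +
         " (renderer: " + (r.renderer || "not exposed") + ")";
}

// Runs only where a DOM exists (a browser), so the file also loads elsewhere.
if (typeof document !== "undefined") {
  console.log(summarize(probeWebGL(document)));
}
```

A result of "WebGL AVAILABLE" on a machine where the setting was supposed to be applied means the setting did not reach that browser profile.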
     
  11. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    Well, GMaps is undoubtedly the best of its kind on the Web, unfortunately my notebook doesn't seem to be up to running it with GL. It probably doesn't support the shader rendering or something (it's only three years old). I didn't notice much difference between GL & non-GL on my desktop, although I would probably have to get a better graphics card to notice the difference. I'm really not that bothered at the moment. I am also a bit concerned about security exploits with WebGL (like everyone else lol). I hope that Google don't see this as the future of GMaps without a non-WebGL alternative.



    Probably a good thing!
     
    Last edited: Oct 23, 2011
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    There will absolutely be a non-GL alternative. I can't see them removing it entirely until phones/etc can handle it.

    I'm not too worried about Google Maps being hacked. WebGL does definitely concern me though.
     
  13. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    Good. I hope you're right.

    Apparently it doesn't worry Google.
     
  14. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Well I wouldn't let it worry me if I were in their position. All they're doing is creating a WebGL site. That isn't horrible.

    If that site gets hacked they could do something malicious with that WebGL but if the site were hacked they could insert WebGL anyways.
     
  15. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    Not completely horrible. ;)

    What makes WebGL any better than OpenGL or DirectX anyway?
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    WebGL is just OpenGL on the internet. Or that's one way to think of it. It's based on OpenGL and includes appropriate APIs for working with the web via JS.

    DirectX isn't necessarily more secure it's just not hooked up to the web - at least not that I know of.

    I don't know of any projects to expand the DirectX API so that it can run within the browser.

    So why is WebGL bad?

    Well, it's direct access to the GPU, which is hardware/kernel level. The API wasn't really created with security in mind because it wasn't ever really used on the internet. So now you have a wide open API that goes straight to the lowest level on your computer and an exploit can potentially give access to literally everything.

    Now it is connected to the web and they have to backtrack and implement some fixes. That has to happen on the driver side so it's up to ATI/nVidia to deal with it.
     
  17. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    OK, thanks for the concise précis. :thumb:
     
  18. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    WebGL is only one worry if a site is hacked. Unless you disable absolutely all affected plugins, JavaScript, cookies, etc. and run virtualized, you are not safe.

    What makes this more dangerous than hardware-accelerated Flash, Silverlight, etc.?

    I got NoScript working with WebGL, very useful.
     
  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Flash has long been on the web. First came Flash then came hardware accelerated Flash.

    This was the opposite way around for WebGL. First came OpenGL then came internet WebGL.

    I do not know how well Sandboxie would do depending on the attack. Sandboxie 64bit has kernel-level drawbacks and this would be a kernel-level exploit.

    In a generic attack you'd probably be fine. In a targeted attack maybe not.
     
  20. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I'd also bet that even GPU accelerated layers like Flash are still living almost entirely on the Application layer, which isn't nearly as dangerous.
     